I am daily getting reports of Trojan.tr/crypt.xpack.gen being prevented from infecting my machine.
Accepted Answer
-
Hello @GlennB
Welcome to the F-Secure Community. Thank you for your post.
We kindly recommend that you send us an FSDIAG report along with a copy of the suspicious file (if available) for a thorough analysis by our lab.
Please be sure to tick the box that says, "I want to provide more details about this sample and receive updates on the analysis results." This will help us get in touch with you if needed, so please share your contact information and any extra information about the issue.
To assist you with the submission process, you can refer to this link: How can I submit samples to F-Secure? - F-Secure Community
Click here for instructions on how to generate the FSDIAG.
Thank you so much, and I wish you a fantastic day.
Answers
-
Hello,
Sorry for my reply. I am only an F-Secure user.
There are some topics with a discussion about 'Trojan.tr/crypt.xpack.gen'-detection. Some of them:
- Internet Security finds a trojan but will not clean it — F-Secure Community
- Should I be worried about this? — F-Secure Community
Could you check if any suggestion from mentioned topics are useful to your situation?
Since this generic detection is maybe related to Avira's based engine, you can try to read their article on subject: https://support.avira.com/hc/en-us/articles/360000293278-What-measures-can-I-take-against-MBR-ransomware-TR-Crypt-XPACK-Gen-
Based on that article, your system is not impacted by running a malicious executable (malware). However, sounds that something is still 'dropping' its first stage. Maybe visiting a certain website or some other tricky software.
So, as such I will recommend to run a Full Scan by F-Secure solution (open its User Interface, open "Viruses and Threats" card, choose 'Full Scan' option). Check about the results.
However, to deal with described situation/appearance is only possible after analyzing. I mean, more information is required (such as which files were detected; where and when it started and so on). Or need to contact F-Secure Support for their remote assistance (investigating logs and so things): Contact support | F-Secure
Thanks!
